Security Directory

P

Printshop • Digitalni tisak

printshop.hr

0

Printshop.hr is a Croatian digital printing service provider established in 2014, offering a wide range of business and promotional printing products such as business cards, flyers, posters, and canvas prints. The company operates an e-commerce platform allowing customers to calculate prices and order online, targeting businesses and individuals within Croatia. The website is professionally designed with good navigation, mobile optimization, and relevant content focused on its core services. Technically, the site uses modern web technologies including Bootstrap, Google Analytics, Microsoft Clarity, and October CMS, hosted likely within Croatia under the CARNET registrar. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is good with visible privacy and cookie policies aligned with GDPR requirements. No critical vulnerabilities or suspicious indicators were found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

Fond za zaštitu okoliša i energetsku učinkovitost

fzoeu.hr

0

Fond za zaštitu okoliša i energetsku učinkovitost is a Croatian governmental fund dedicated to environmental protection and energy efficiency. Established in 2004, it serves as a national authority providing funding, regulatory oversight, and public information related to waste management, renewable energy, and environmental sustainability. The website offers comprehensive resources including public tenders, announcements, and educational content targeting Croatian citizens, businesses, and public institutions. The organization maintains a consistent and professional online presence aligned with its governmental role. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with Google Analytics integrated for user tracking under a compliant cookie consent mechanism. Hosting and DNS services are supported by Cloudflare, ensuring reliable performance and security. The site is mobile optimized and includes accessibility features enhancing usability for diverse users. From a security perspective, the website enforces HTTPS and implements cookie consent, but lacks visible security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the organization's Croatian governmental identity, enhancing trustworthiness. Overall, the website presents a secure, professional, and informative platform supporting the fund's mission. Strategic improvements include publishing explicit security policies, incident response information, and enhancing security headers to further strengthen the security posture.

T

Tera Tehnopolis d.o.o.

tera.hr

0

Tera Tehnopolis d.o.o. is a Croatian business incubator and technology transfer organization established in 2003, focused on promoting innovation, entrepreneurship, and the connection between science and the economy. The company offers a range of services including business incubation, technology transfer, consulting, education, and 3D laboratory services, targeting entrepreneurs, startups, and SMEs primarily in the Osijek region and beyond. The website demonstrates a professional digital presence with consistent branding and active social media channels. Technically, the site is built on WordPress with modern plugins and SEO tools, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS and basic best practices, but lacks published security policies and vulnerability disclosure mechanisms. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

Zakon.hr is a well-established Croatian legal information portal operated by cyber_Folks d.o.o., providing comprehensive access to laws, regulations, and legal documents. The website targets legal professionals, businesses, and the general public seeking reliable legal information. It maintains a strong market position as a leading legal resource in Croatia, supported by updated content and a related AI legal assistant service, Zakon.ai. The business model appears to be a combination of subscription and advertising revenue streams.

V

Vodovod i kanalizacija d.o.o.

vik-ka.hr

0

Vodovod i kanalizacija d.o.o. Karlovac is a well-established regional utility company founded in 2002, providing water supply and sewage management services primarily in Karlovac and surrounding areas in Croatia. The company emphasizes quality and environmental responsibility, as evidenced by its ISO 9001 and ISO 14001 certifications. Their website reflects a professional and user-focused approach, offering comprehensive information, customer support, and transparency through detailed policies and contact channels. Technically, the site uses Joomla CMS with modern web technologies and is hosted behind Cloudflare, ensuring good performance and security. The presence of cookie consent and privacy policies indicates compliance with GDPR regulations. However, explicit security policies and incident response contacts are not found, representing an area for improvement. Overall, the website and business demonstrate high legitimacy and trustworthiness with a solid digital presence.

S

Sveučilšni računski centar - Srce

croris.hr

0

CroRIS is an official Croatian government-supported information system dedicated to the science sector, providing comprehensive data on researchers, projects, publications, and scientific infrastructure. It is operated by the University Computing Centre Srce in partnership with the Ministry of Science and Education and other academic institutions. The platform serves as a central hub for scientific data in Croatia, targeting researchers, academic institutions, and government stakeholders. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Font Awesome, with a custom-built CMS and good mobile and accessibility support. Security measures include HTTPS, CSRF protection, and SAML2 authentication for user login, though some security headers and explicit cookie consent mechanisms are missing. The domain registration is consistent with the official nature of the site, registered under CARNET with Croatian country code and appropriate age. Overall, the site is professional, trustworthy, and well-positioned as a national science information resource.

P

Pikant

pikant.hr

0

Pikant is a Croatian design and marketing studio providing a broad range of creative and IT services including web design, graphic design, product design, branding, IT support, and marketing consulting. The company positions itself as a regional leader with a focus on quality and client satisfaction, serving businesses primarily in Croatia and the EU. The website is professionally designed, mobile-optimized, and provides clear contact information and client references. Technically, the site uses modern web technologies such as Google Fonts, Revolution Slider, and Cognito Forms for contact management, with Google Analytics for traffic analysis. Security posture is good with HTTPS enabled and secure form handling, though some security headers and cookie consent mechanisms are missing. The WHOIS data is privacy protected due to GDPR, which is justified for this business type. Overall, the website reflects a legitimate, small-sized business with a solid digital presence.

H

Hrvatska katolička mreža

hkm.hr

0

Hrvatska katolička mreža (HKM) is a Croatian Catholic media organization providing news, spiritual content, and cultural commentary focused on the Catholic Church and related topics. The website serves as a central hub for Croatian-speaking audiences interested in religious life, evangelization, and social issues aligned with Church teachings. HKM maintains a professional online presence with multiple related partner sites and active social media channels. Technically, the site is built on WordPress with modern SEO and analytics tools, offering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced, though some security headers and cookie consent mechanisms are missing. WHOIS data is unavailable due to GDPR and request limits, which is common for EU domains, but the website content and structure indicate legitimacy. Overall, HKM is a credible media outlet with a solid digital infrastructure and trustworthy content.

D

Direktno.hr

direktno.hr

0

Direktno.hr is a Croatian news media website delivering a wide range of news content including politics, local news, sports, and international affairs. The site targets a general Croatian-speaking audience and operates primarily on an advertising-supported business model. It holds a moderate market position as a regional news outlet with a medium-sized operation. The website features a professional design with consistent branding and good content quality, supporting user engagement and trust. Technically, the website employs a modern technology stack including Google Analytics, Google Tag Manager, Facebook SDK, Chartbeat, Hotjar, and New Relic for performance monitoring. It appears to be built on the Newscoop CMS platform, which is common for news organizations. The site is mobile optimized and performs moderately well, with basic accessibility and good SEO practices. From a security perspective, Direktno.hr enforces HTTPS and implements standard security headers such as Content-Security-Policy and Strict-Transport-Security. There is no evidence of exposed sensitive data or vulnerable libraries in the HTML content. However, the site lacks a dedicated security policy page, vulnerability disclosure program, and explicit incident response contacts, which are areas for improvement. Overall, the website is legitimate and trustworthy, with privacy policies and cookie consent mechanisms in place to comply with GDPR. The WHOIS data is privacy protected, which is justified given the EU jurisdiction and media nature of the site. No WAF or blocking mechanisms were detected, allowing full content access. Strategic recommendations include enhancing security transparency, improving accessibility, and maintaining regular audits of third-party scripts to mitigate risks.

H

Hrvatski zavod za zdravstveno osiguranje

hzzo.hr

0

Hrvatski zavod za zdravstveno osiguranje (HZZO) is the Croatian Institute for Health Insurance, a government entity responsible for providing mandatory and supplementary health insurance services to Croatian citizens and business entities. The website serves as a comprehensive portal offering information on health insurance, parental support, e-health services, and access to various forms and contact points. It targets both individual citizens and business partners, positioning itself as the national authority in health insurance within Croatia. Technically, the website is built on Drupal 11 CMS, utilizing modern web technologies including jQuery, Hotjar for user behavior analytics, and Google Tag Manager for marketing and analytics integration. The site is mobile optimized, accessible, and well-structured with clear navigation and professional design. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers like Content-Security-Policy are not clearly detected, the site follows good security practices typical for government portals. No vulnerabilities or exposed sensitive data were found in the HTML content. However, incident response and security policy pages are not publicly available, which could be improved. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. The lack of WHOIS data is due to GDPR restrictions and does not detract from the legitimacy of the domain, which is a Croatian government domain. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and adding a vulnerability disclosure policy to improve transparency and security posture.

Općina Krapinske Toplice operates an official municipal website providing comprehensive information and services to residents and stakeholders of the Krapinske Toplice municipality in Croatia. The site offers detailed administrative content including organizational structure, public notices, procurement, and community engagement resources. The website is positioned as a local government authority portal, serving a small-sized municipality with a focus on transparency and public service. Technically, the site is built on WordPress CMS using Elementor page builder, leveraging modern web technologies such as jQuery and Font Awesome for UI elements. Hosting and domain registration are consistent with a Croatian academic network provider, ensuring local presence and legitimacy. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements in security headers and incident response documentation are recommended. Privacy compliance is supported by clear privacy and cookie policies, though a cookie consent mechanism is absent. Overall, the website is professional, trustworthy, and safe for general audiences, with a good balance of content quality and technical implementation.

N

Narodne novine d.d.

nn.hr

0

Narodne novine d.d. is a well-established Croatian company with a 190-year tradition specializing in official government publications, legal books, educational programs, and commercial office supplies. The company serves government entities, legal professionals, and the general public, maintaining a strong market position as the official publisher of Croatia. The website reflects this professional stature with comprehensive content and a consistent brand image. Technically, the site uses legacy technologies such as jQuery 1.8.2 and bxSlider, with Google Analytics and Tag Manager for user tracking. While the site is functional and moderately optimized for mobile, there is room for modernization and improved accessibility. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and updated libraries. Privacy compliance is adequate with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is trustworthy and professional, with a solid digital presence aligned with the company's business model and sector.

P

Povjerenik za informiranje

pristupinfo.hr

0

The website pristupinfo.hr serves as the official online presence of the Croatian Commissioner for Information, providing comprehensive resources related to the right of access to information. It targets both users seeking information and public authorities, offering legal frameworks, educational webinars, open data initiatives, and event calendars. The site is well-positioned as a government transparency and information access portal with a medium organizational size and a founding date consistent with its domain registration in 2013. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and Fusion Builder. It is hosted by CARNET, a reputable Croatian academic network, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. However, it lacks some advanced security headers and does not publish explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy, professional, and aligned with its governmental role. Strategic improvements in privacy compliance, security policy transparency, and enhanced security headers would further strengthen its posture.

D

Domino dizajn

domino-dizajn.hr

0

Domino dizajn is a Croatian creative studio specializing in graphic design, printing, digital marketing, and modern web solutions including web shops and mobile applications. With nearly two decades of experience, the company serves businesses seeking comprehensive branding and digital presence services. The website is built on WordPress with Elementor, featuring good SEO, accessibility, and mobile optimization. Security posture is solid with HTTPS and cookie consent, though lacks explicit security policies and incident response contacts. Overall, the site reflects a professional and trustworthy business with a clear market position in the technology and creative services sector.

M

MAMFORCE

mamforce.hr

0

MAMFORCE is a Croatian-based organization specializing in Diversity, Equity, and Inclusion (DEI) certifications and consulting services aimed at improving workplace culture for families and women. Their offerings include multiple certification standards such as MAMFORCE Standard, DADFORCE Standard, and INC.Q EQUAL PAY, alongside training and employer branding services. The company positions itself as a leader in promoting fair and inclusive organizational cultures within Croatia. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Facebook Pixel, and various plugins enhancing user experience and tracking capabilities. The site is mobile-optimized and SEO-friendly, reflecting a good level of digital maturity. Security-wise, the site enforces HTTPS and uses some security best practices but lacks certain headers like Content-Security-Policy and X-Frame-Options, which are recommended for enhanced protection. No privacy policy or terms of service were found, which is a compliance gap. Overall, the domain registration is consistent with the business claims, and no suspicious patterns were detected, supporting a high legitimacy score.

L

LIBUSOFT CICOM d.o.o.

otvorenazupanija.hr

0

LIBUSOFT CICOM d.o.o. operates the website www.spi.hr, offering the LC Platforma Otvoreno software platform and related IT services primarily targeting businesses in Croatia and neighboring countries. The company has been established since 2011 and maintains a medium-sized business profile with a regional market presence. The website reflects a basic but consistent branding and content quality, focusing on business and technology solutions. Technically, the site is built on WordPress, hosted on AWS infrastructure, and integrates modern tools such as Google Tag Manager, Google Analytics, and reCAPTCHA for bot protection. Security posture is adequate with HTTPS enabled and some best practices observed, though security headers and explicit privacy and cookie policies are missing. Contact information is limited to a phone number and social media links, with no email or physical address explicitly provided. Overall, the website is safe, professional, and trustworthy but could improve in privacy compliance and security transparency.

R

Regionalni centar kompetentnosti u turizmu i ugostiteljstvu Zabok

rcktu-zabok.hr

0

The website represents the Regional Center of Competence in Tourism and Hospitality located in Zabok, Croatia. It serves as an educational institution offering secondary education, adult courses, workshops, retraining, and consulting services focused on tourism and hospitality sectors. The center aims to develop professional skills, creativity, and social responsibility among students and professionals, supported by EU funding. The site is well-structured, professionally designed, and targets students, adult learners, and regional businesses in the tourism and hospitality industry. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit privacy and terms of service pages and a vulnerability disclosure policy. Overall, the domain registration and hosting are consistent with the business profile, indicating legitimacy and trustworthiness.

B

Business Angels Impact Fund

baif.hr

0

Business Angels Impact Fund is a Croatian-based investment fund focused on supporting startups and companies that generate social and environmental impact. The website presents a professional and consistent brand image, targeting investors and social enterprises. The technical infrastructure is built on WordPress using Elementor and Astra theme, indicating a moderate level of digital maturity with good mobile optimization and basic SEO. Security posture is moderate with HTTPS enabled but lacking advanced security headers and policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and trustworthy but would benefit from enhanced security and compliance measures.

R

Ride & Bike 2

rideandbike.eu

0

Ride & Bike 2 is a regional tourism promotion website focusing on the natural and cultural heritage of several regions in Croatia and Slovenia. It provides information about outdoor activities, cultural sites, and local attractions, targeting tourists and outdoor enthusiasts. The website leverages WordPress CMS with WPBakery Page Builder and integrates Google Tag Manager for analytics. While the site is well-structured and visually consistent, it lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its compliance and trustworthiness. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the site is functional and serves its tourism promotion purpose but requires improvements in privacy compliance and security best practices.

Z

Zagorska razvojna agencija

cro-si-safe.eu

0

The CRO-SI-SAFE website represents a regional cooperation project aimed at enhancing cross-border partnerships among emergency rescue services in the Krapinsko-zagorska and Savinjska regions. The project focuses on improving civil protection systems and increasing resilience to disasters. The website is professionally designed using WordPress and Elementor, with clear navigation and multilingual support in Croatian, Slovenian, and English. Key services include training, publications, and collaborative activities supported by EU funding. The site demonstrates a solid market position as a government/non-profit regional initiative with trusted partners.

D

Dom za žrtve nasilja u obitelji NOVI POČETAK

novipocetak.hr

0

Dom za žrtve nasilja u obitelji NOVI POČETAK is a Croatian social care institution dedicated to supporting victims of domestic violence and their children. Founded and operated under the auspices of the Krapinsko-zagorska županija regional government, it provides safe accommodation, psychosocial counseling, and professional social work services. The website reflects a well-structured, professionally designed platform with clear navigation and relevant content tailored to its target audience. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating Google Analytics and reCAPTCHA for security and analytics purposes. Security posture is strong with HTTPS enforced and appropriate security headers, though it lacks published security policies and cookie consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site is trustworthy, compliant with GDPR in terms of privacy policy presence, but could improve cookie consent and incident response transparency.

The website 'Crveni popis Hrvatske' is an official Croatian government portal managed by the Ministry of Environment and Green Transition, specifically the Institute for Environmental Protection and Nature. It serves as a comprehensive resource for data on endangered wild species in Croatia, providing risk assessments, conservation information, and public education. The portal targets a broad audience including researchers, policymakers, and the general public interested in biodiversity and environmental protection. Technically, the site employs modern web technologies such as HTML5, CSS3, JavaScript, Chart.js for data visualization, and Leaflet.js for mapping. The presence of a CSRF token and HTTPS indicates a secure infrastructure, although some security headers are missing. Accessibility is addressed but with room for improvement, particularly in image alt attributes and text scaling. The site is moderately performant and mobile-optimized. From a security perspective, the portal demonstrates good practices including GDPR compliance, cookie consent mechanisms, and secure form handling. However, it lacks explicit incident response contact details and a published vulnerability disclosure policy. No critical vulnerabilities or suspicious activities were detected. WHOIS data confirms the domain's legitimacy and alignment with the governmental nature of the site. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic improvements in security headers, accessibility, and incident response transparency would further enhance its posture.

H

HZHM

hzhm.hr

0

Hrvatski zavod za hitnu medicinu (HZHM) is a Croatian public healthcare institution specializing in emergency medicine and telemedicine services across Croatia. The website serves as an informational portal primarily in Croatian, with an English language option, targeting the general public and healthcare professionals. The institution operates within the healthcare sector, providing essential emergency medical services and telemedicine support, positioning itself as a key national healthcare entity. Technically, the website is built on WordPress using the Divi theme, incorporating Google Tag Manager for analytics. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features and good SEO practices. Security posture is adequate with HTTPS enabled, but lacks several recommended security headers and explicit security policies. Privacy compliance is limited due to the absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data aligns well with the institution's identity and location, supporting its legitimacy. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance trust and security maturity.

P

Poliklinika Magdalena

magdalena.hr

0

Poliklinika Magdalena is a well-established healthcare provider specializing in cardiovascular care with over 25 years of experience. The organization operates multiple physical locations in Croatia, including Zagreb and Krapinske Toplice, and offers a comprehensive range of services from diagnostics to surgical interventions and telemedicine. The website reflects a professional and patient-focused approach, targeting individuals seeking specialized cardiovascular healthcare. Technically, the site is built on WordPress with modern tools such as Gravity Forms for data collection, Google Analytics and Facebook Pixel for analytics, and CookieYes for GDPR-compliant cookie consent. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website and domain registration details indicate a legitimate and trustworthy healthcare provider with a solid digital presence.

S

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice

sbkt.hr

0

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice is a specialized healthcare provider focused on medical rehabilitation services for neurological, cardiovascular, orthopedic, rheumatologic, and internal medicine patients, including both adults and children. The hospital also offers outpatient specialist services, health tourism, and preventive health programs. The website reflects a well-established regional medical institution with a clear market position and a comprehensive service portfolio. The target audience primarily includes patients and healthcare consumers seeking rehabilitation and wellness services in Croatia. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for enhanced functionality such as forms and galleries. The site is mobile optimized, accessible, and SEO friendly, with good content quality and consistent branding. Security posture is solid with HTTPS enforced and CAPTCHA protection on forms, though there is room for improvement in implementing security headers and cookie consent mechanisms. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the entity.

Z

Zavod za javno zdravstvo Krapinsko-zagorske županije

zzjzkzz.hr

0

Zavod za javno zdravstvo Krapinsko-zagorske županije is a regional public health institute serving the Krapina-Zagorje County in Croatia. The organization provides a broad range of public health services including epidemiology, microbiology, health promotion, school medicine, environmental health, and mental health and addiction prevention. The website targets local residents and public health stakeholders, offering news, contact information, and resources relevant to the community. The business model is government-funded, positioning the institute as a key regional health authority. Technically, the website uses a custom ASP-based CMS with legacy JavaScript libraries such as jQuery 1.8.2 and Modernizr, alongside modern UI components like the Revolution Slider and UserWay accessibility widget. The site is moderately optimized for performance and mobile devices, with basic SEO and good accessibility features. However, some technical debt is evident due to outdated libraries and lack of advanced security headers. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, the use of outdated JavaScript libraries and absence of security headers like CSP and HSTS present potential vulnerabilities. No explicit security or incident response policies are published. Contact information is clearly provided, enhancing trust and transparency. Overall, the website is professional, trustworthy, and serves its public health mission effectively. Strategic improvements in updating technical components and enhancing security headers would strengthen its security posture and compliance. The site is safe for general audiences with no adult or questionable content detected.

D

Dom zdravlja Krapinsko zagorske županije

dzkzz.hr

0

Dom zdravlja Krapinsko zagorske županije is a public healthcare provider serving the Krapinsko-zagorska County in Croatia. The organization offers a range of primary healthcare services including family medicine, pediatrics, palliative care, and radiology. The website reflects a well-established regional healthcare institution with multiple branch offices, targeting local residents seeking accessible medical care. The business model is government-funded, focusing on essential healthcare delivery rather than commercial services. The website content is comprehensive and professionally presented, supporting patient engagement through news updates and satisfaction surveys. Technically, the website is built on WordPress with modern plugins such as Elementor and Smart Slider 3, ensuring a responsive and accessible user experience. The site uses HTTPS and includes GDPR-compliant cookie consent mechanisms, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and SEO practices. However, some security headers are not explicitly detected, suggesting room for improvement in security hardening. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The presence of GDPR compliance and a dedicated privacy policy page indicates attention to data protection. However, the absence of explicit security policy and incident response information could be addressed to enhance trust and preparedness. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness. The overall risk assessment is low, with no signs of malicious activity or suspicious content. Strategic recommendations include implementing additional security headers, maintaining up-to-date software, and publishing clear security and incident response policies to further strengthen the security posture and user trust.

R

Radnica.org

radnica.org

0

Radnica.org is a Croatian non-profit platform dedicated to supporting individuals facing workplace discrimination, particularly gender-based discrimination. The website offers educational content, guidance on rights, and an anonymous reporting form to help victims. It is affiliated with CESI, a recognized organization, enhancing its credibility. Technically, the site is built on Webflow with modern web fonts and scripts, delivering a good user experience with mobile optimization and clear navigation. Security-wise, the site uses HTTPS and Cloudflare Turnstile captcha for form protection, but lacks visible security headers and explicit incident response policies. Privacy compliance is well addressed with a cookie consent banner and a privacy policy page. Overall, the site is trustworthy and serves a niche audience effectively.

L

Libela

libela.org

0

Libela.org is a Croatian non-profit organization dedicated to promoting gender equality and social justice through media and advocacy. The website serves as a platform for publishing articles, reports, and news focused on gender facts and social issues relevant to Croatia. It targets a general audience interested in social activism and equality. The organization has been active since 2009, reflecting a mature and stable presence in its niche. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Lightbox2, and Swiper for enhanced user experience. It is hosted on Linode, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility features, and SEO practices, supported by plugins like Yoast SEO and GDPR cookie compliance tools. From a security perspective, the site uses HTTPS with a valid SSL certificate and employs domain transfer protection. However, DNSSEC is not enabled, and additional security headers could be implemented to strengthen defenses. Privacy compliance is well addressed with clear privacy and cookie policies and explicit user consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, Libela.org presents a trustworthy, professional, and content-rich platform with a solid security posture and compliance framework. Strategic improvements in DNS security and HTTP headers would further enhance its security maturity and resilience.

C

CESI – Centar za edukaciju, savjetovanje i istraživanje

sezamweb.net

0

SeZaM is a Croatian non-profit educational website focused on sexual education for youth, operated under the auspices of CESI – Centar za edukaciju, savjetovanje i istraživanje. The platform provides comprehensive thematic content on sexuality, gender equality, reproductive health, and related social issues, targeting young people and educators. It includes interactive elements such as a virtual assistant and links to related educational services. The website is well-structured and professionally designed, with clear navigation and relevant content for its audience. Technically, the site uses modern web technologies including Google Fonts, FontAwesome, Turbolinks, and Google Analytics, and is hosted on Linode. The presence of CSRF tokens and HTTPS indicates a baseline security posture, although some security best practices such as DNSSEC and security headers are missing. The website is mobile-optimized and SEO-friendly but lacks explicit privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the domain is mature and registered with a reputable registrar, with protections against unauthorized transfers. No WAF or blocking mechanisms are detected, and the site is fully accessible. However, the absence of privacy and cookie policies, security headers, and vulnerability disclosure mechanisms represent compliance and security gaps. Overall, the site is trustworthy but could improve its security and privacy posture. Strategically, the site serves an important educational role in Croatia, with a clear mission and target audience. It benefits from partnerships with CESI and related services, enhancing its credibility and reach.

A

ArhivPRO d.o.o.

eindigo.net

0

ArhivPRO d.o.o. is a Croatian technology company specializing in digital archiving and cataloguing solutions, primarily through their INDIGO platform. The platform targets institutions such as libraries, archives, museums, and schools, enabling them to digitize, manage, and publish diverse materials including books, photographs, and multimedia. The company demonstrates a strong market position in the cultural heritage and education sectors, supported by client references and EU project funding. Technically, the website employs modern web technologies and responsive design, providing a professional user experience. Security posture is moderate with HTTPS usage but lacks visible security headers and formal privacy/cookie policies. The WHOIS data is privacy protected due to GDPR, which is justified given the nature of the business. Overall, the website and business present a trustworthy and professional image with room for improvement in privacy and security transparency.

H

Hosting i Domene AKCIJA 1+1

wmd.hosting

0

WMD Hosting operates as a regional web hosting and domain registration provider based in Croatia, offering a comprehensive suite of web services including domain registration, hosting packages, SSL certificates, and web development. The company targets web developers and businesses of various sizes, positioning itself with promotional offers such as the 'AKCIJA 1+1' campaign. Their market presence is supported by over 20 years of experience and a user base exceeding 10,000 clients across 73 countries. The website is professionally designed with multilingual support and integrates modern web technologies and accessibility features.

H

HDIT

hdit.hr

0

HDIT is a Croatian IT integration company established in 2006, specializing in IT system implementation, maintenance, custom software and web development, cybersecurity, and IT consulting. The company holds a strong market position as a leading system integrator and helpdesk support provider in Croatia. Their services cover comprehensive IT infrastructure and application solutions, supported by partnerships with major technology vendors. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization. Technically, the site is built on WordPress with modern plugins and follows good performance and accessibility standards. Security posture is solid with HTTPS, GDPR compliance, and ISO certifications, though some security headers and incident response disclosures could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

S

Sveučilište u Rijeci

uniri.hr

0

Sveučilište u Rijeci is a well-established public university in Croatia, recognized as the second oldest with continuous operation in the country. The institution offers a broad range of higher education programs, research initiatives, and community engagement activities. The website reflects a strong academic and institutional presence, targeting students, researchers, and the general public interested in education and research. It maintains a consistent brand identity and provides comprehensive information about its services and partnerships, including international collaborations such as ERASMUS and YUFE.

K

KB Studios

kbstudios.hr

0

KB Studios is a small business based in Croatia currently undergoing a website redesign to improve clarity and user experience. The company invites potential clients to contact them via phone or email for services, though specific services are not detailed on the homepage. The website uses WordPress with Elementor and integrates Google Analytics and Tag Manager for tracking, along with Google Translate for multilingual support. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional but underdeveloped in content and compliance aspects.

H

Hrvatske ceste d.o.o.

hrvatske-ceste.hr

0

Hrvatske ceste d.o.o. is a Croatian state-owned company responsible for the management, construction, reconstruction, and maintenance of the national road network. The website reflects its official status with consistent branding and clear presentation of its services and public information. The target audience includes government entities, contractors, drivers, and the general public interested in road infrastructure and related services. The company operates under the ownership of the Republic of Croatia, positioning itself as the authoritative body for state roads.

E

Europe Direct Informacijski ured Split

europedirect-split.hr

0

Europe Direct Informacijski ured Split operates as an official European Union information center serving the Split region in Croatia. The website provides comprehensive information and advisory services about the EU, targeting local citizens and residents. It is part of the Europe Direct network, offering free services and acting as a trusted source for EU-related news, publications, and guidance. The business model is non-profit and government-affiliated, focusing on public information dissemination. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Revolution Slider, ensuring good SEO and user experience. The site is mobile-optimized and includes accessibility features, enhancing usability for diverse audiences. External integrations include Google Tag Manager and Facebook SDK for analytics and social media engagement. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registration details and domain age appropriate for the organization's history. Overall, the website demonstrates a solid security posture, good privacy compliance, and professional business credibility. Recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and expanding contact channels for security matters.

P

Pučko otvoreno učilište Katarina Zrinska – Ozalj

poukz.hr

0

Pučko otvoreno učilište Katarina Zrinska – Ozalj is a small educational institution based in Croatia, founded in 2022. The organization offers a variety of educational and creative programs targeting children, youth, retirees, and adults, focusing on lifelong learning and community engagement. The website reflects a local community-oriented business model with clear contact information and social media presence, positioning itself as a trusted local educational provider. Technically, the website employs modern front-end technologies including Bootstrap, jQuery, and various JavaScript libraries to provide a responsive and visually appealing user experience. While the site is mobile-optimized and well-structured, there is room for improvement in accessibility and SEO optimization. Hosting and domain registration are consistent with the business location, enhancing trustworthiness. From a security perspective, the website implements a cookie consent mechanism compliant with GDPR, but lacks visible advanced security headers and incident response information. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The absence of terms of service and security policies suggests an opportunity to strengthen compliance and user trust. Overall, the website is functional, professional, and safe for general audiences. The risk level is low, but strategic improvements in security posture and privacy transparency would enhance the institution's digital maturity and trustworthiness.

G

Gradska knjižnica i čitaonica Ivana Belostenca

gkc-ivanabelostenca.hr

0

Gradska knjižnica i čitaonica Ivana Belostenca is a small, non-profit public library and cultural institution located in Ozalj, Croatia. It offers library services, cultural events, and access to significant historical works such as the Gazophylacium bilingual dictionary. The website serves as an informational portal for the local community and cultural enthusiasts. Technically, the site is built on Joomla CMS using common web technologies including jQuery, Bootstrap, and Google Maps API. The hosting is provided by ZoNet, a reputable Croatian hosting provider. The site is accessible, with clear navigation and consistent branding, but shows room for improvement in mobile optimization and accessibility. Security posture is moderate with HTTPS enabled but lacking important security headers and privacy compliance documentation. No forms or tracking scripts are present, minimizing privacy risks but also limiting interactivity. Overall, the website is trustworthy and professionally presented but would benefit from enhanced security and privacy measures.

Z

Zavičajni Muzej Ozalj

zmo.hr

0

Zavičajni Muzej Ozalj is a small cultural heritage museum located in Ozalj, Croatia, dedicated to preserving and showcasing 6000 years of local history through diverse collections including archaeological, ethnographic, and photographic artifacts. The museum also operates an open-air Ethno Park that exhibits traditional architecture and pre-industrial everyday items, targeting general visitors interested in history and culture. The website is professionally designed with good content quality, clear navigation, and accessibility features implemented via the EqualWeb plugin. Technically, it uses a modern but basic tech stack including Bootstrap and jQuery, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though it lacks explicit security policies and incident response information. Overall, the domain registration data aligns well with the museum's identity, indicating legitimacy and trustworthiness.

A

Azelija Eko d.o.o.

azelija-eko.hr

0

Azelija Eko d.o.o. is a Croatian municipal service company specializing in waste management, recycling, cemetery services, public lighting maintenance, and chimney sweeping within the Ozalj region and surrounding municipalities. The company operates fixed and mobile recycling yards and provides essential environmental services to local residents and businesses. The website reflects a local government service provider with clear contact information and service descriptions, targeting the regional community. Technically, the website is built on Joomla CMS with a Bootstrap framework and uses common JavaScript libraries such as jQuery and Font Awesome for UI elements. The site includes image sliders and responsive design elements, indicating moderate digital maturity. Hosting is provided by CARNET, a reputable Croatian academic network, which aligns with the local focus. From a security perspective, the site lacks visible security headers and explicit HTTPS enforcement in the provided data, which lowers its security posture. No privacy or cookie policies were found, indicating potential GDPR compliance gaps. The site does not use tracking or advertising technologies, which reduces privacy risks but also limits marketing insights. Overall, the website is functional and professional for its purpose but would benefit from enhanced security measures, privacy compliance improvements, and clearer policies to strengthen trust and regulatory adherence.

K

Komunalno Ozalj d.o.o.

komunalno-ozalj.com

0

Komunalno Ozalj d.o.o. is a municipal utility company based in Ozalj, Croatia, providing essential services such as water supply, sewage, and wastewater treatment to local residents and businesses. The website serves as an informational portal offering updates on infrastructure projects, regulatory documents, and contact information. The company appears to be a small-sized government sector entity with a domain registered since 2007, consistent with its operational history. Technically, the website is built on Joomla CMS and uses older JavaScript libraries like jQuery and MooTools. The site demonstrates basic mobile responsiveness and SEO optimization but lacks advanced technical features or modern frameworks. Hosting is inferred to be with zonet.com.hr based on DNS data. Performance is moderate with room for improvement in accessibility and mobile optimization. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which lowers its security posture. There is no evidence of privacy or cookie policies, which indicates compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure information is present. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and trustworthy for its purpose but would benefit from enhanced security measures, privacy compliance, and modernization to improve user trust and regulatory adherence.

T

Turistička zajednica područja Kupa

tzp-kupa.hr

0

The website tzp-kupa.hr serves as the official tourism portal for the Kupa region in Croatia, managed by the Turistička zajednica područja Kupa. It provides comprehensive information about local attractions, events, accommodation, and gastronomy, targeting tourists and visitors interested in exploring the region. The site is positioned as a regional tourism authority with a focus on promoting natural heritage and active tourism. Technically, the site is built on WordPress using the Flatsome theme, with integrations such as Google Analytics and GTranslate for multilingual support. The infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is basic, with privacy and cookie policies present but no explicit consent mechanism. Overall, the site is professional, trustworthy, and well-branded, serving its purpose effectively.

A

Agencija za gospodarenje otpadom d.o.o.

ago-dnz.hr

0

Agencija za gospodarenje otpadom d.o.o. operates as a regional governmental agency responsible for waste management in the Dubrovačko-neretvanska županija region of Croatia. The website serves as an informational and project communication platform, highlighting EU-funded initiatives under the Operational Programme Competitiveness and Cohesion 2014-2020. The agency provides key services including waste management infrastructure development, public education, and regulatory compliance support. Their market position is that of a specialized public sector entity with strong governmental and EU partnerships.

C

Centar za poduzetništvo d.o.o.

czp.hr

0

Centar za poduzetništvo d.o.o. is a regional entrepreneurial support center serving the Dubrovnik-Neretva County in Croatia. The organization focuses on providing a range of services including education, business consulting, credit programs, and assistance with EU funding projects. Their website reflects a government-affiliated entity aimed at fostering entrepreneurship and small business growth in the region. The target audience primarily consists of local entrepreneurs and small business owners seeking support and resources. Technically, the website employs a modern technology stack featuring jQuery, Bootstrap, FontAwesome, and various plugins for enhanced user experience and accessibility. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates Google Analytics and UserWay accessibility tools, indicating a mature digital infrastructure. The website content is well-structured, professionally designed, and includes clear navigation and relevant business information. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security policies and incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned privacy and cookie policies and a consent mechanism in place. The website demonstrates a good security posture but could improve by adding formal security documentation and security headers. Overall, the website is trustworthy, professional, and serves its business purpose effectively. The domain registration data aligns with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.

J

Javna ustanova za upravljanje zaštićenim dijelovima prirode Dubrovačko-neretvanske županije

zastita-prirode-dnz.hr

0

The website represents the official public institution responsible for managing protected natural areas in the Dubrovnik-Neretva County of Croatia. It provides information about environmental protection projects, permits, public procurement, and general organizational details. The site targets the general public, environmental stakeholders, and government entities, positioning itself as a regional governmental authority with a focus on nature conservation. Technically, the website is built on WordPress using the Enfold theme and several plugins including Yoast SEO and Event Organiser. It employs Google Analytics and Tag Manager for traffic analysis and has implemented cookie consent mechanisms, indicating GDPR awareness. The security posture is solid with HTTPS enabled and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-maintained, with clear branding and consistent content quality.

R

Regionalna razvojna agencija Dubrovačko-neretvanske županije - DUNEA

dunea.hr

0

Regionalna razvojna agencija Dubrovačko-neretvanske županije (DUNEA) is a government-established regional development agency founded in 2006 in Dubrovnik, Croatia. The agency focuses on promoting sustainable and balanced regional development, coordinating existing development activities, and aligning with national and EU requirements. Their key services include strategic planning, EU project management, and regional economic development initiatives. The website reflects a professional and consistent brand presence targeting regional stakeholders, local government, and businesses involved in development projects. Technically, the site is built on Joomla CMS with modern frontend frameworks and libraries, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and explicit incident response policies. Overall, the site is trustworthy and compliant with GDPR, providing clear contact information and partner links.

D

Dubrovačko-neretvanska županija

edubrovnik.org

0

Dubrovačko-neretvanska županija operates as the official regional government website for the Dubrovnik-Neretva County in Croatia. The site provides comprehensive information about county administration, public notices, events, documents, and contact details, targeting residents and stakeholders within the region. It serves as a key communication channel for government services and public information dissemination. Technically, the website is built on WordPress 6.6.1 with multilingual support via WPML, uses modern web technologies including jQuery and Google Fonts, and implements a cookie consent mechanism to comply with privacy regulations. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security-wise, the website enforces HTTPS and uses updated software versions, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or malicious indicators were detected. Overall, the website is trustworthy and professional, though improvements in privacy policy visibility and security disclosures are recommended.

M

Ministarstvo zaštite okoliša i zelene tranzicije

bioportal.hr

0

Bioportal.hr is the official web portal for the Information System for Nature Protection in Croatia, operated by the Ministry of Environment and Green Transition. It serves as a comprehensive platform providing biodiversity data, observation reporting tools, red list assessments, and other resources aimed at supporting nature conservation efforts. The website targets researchers, environmental professionals, government agencies, and the general public interested in Croatian natural heritage. It holds a strong market position as the authoritative national resource for environmental data and reporting. Technically, the website is built on WordPress with multilingual support via WPML, leveraging modern JavaScript libraries such as jQuery and Swiper.js for interactive features. The site includes a GDPR-compliant cookie consent mechanism and integrates Google Analytics for visitor insights. Performance and mobile optimization are good, with accessibility features implemented to support diverse users. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and alignment with the governmental entity operating the site. Overall, bioportal.hr demonstrates a solid security posture, good privacy compliance, and professional digital presence. It is a trustworthy platform for environmental data dissemination with room for minor security enhancements.

APIS IT d.o.o. operates as an IT service provider specializing in identity federation and authentication services primarily for Croatian government entities such as Grad Zagreb and the Ministry of Culture. The website analyzed is a Home Realm Discovery page facilitating user authentication selection among trusted identity providers. The business targets organizational users within government and affiliated institutions, leveraging Microsoft Active Directory Federation Services (ADFS) technology to provide secure access management. The company holds a moderate market position as a government IT service provider with a medium-sized organizational footprint in Croatia. Technically, the site employs standard web technologies including HTML5, JavaScript, and CSS, integrated with Microsoft ADFS frameworks. The site is functional with basic mobile optimization and accessibility features but lacks advanced SEO and performance optimizations. The infrastructure appears stable but could benefit from enhanced security headers and improved user experience elements. From a security perspective, the site uses HTTPS and implements basic input validation on forms. However, it lacks explicit security headers such as Content-Security-Policy and Strict-Transport-Security, which are recommended for modern secure web applications. No privacy or cookie policies are present, indicating gaps in compliance and user transparency. No contact or incident response information is provided, limiting user support and security communication channels. Overall, the website is safe and professional for its intended government audience but requires improvements in privacy compliance, security hardening, and user support to enhance trust and regulatory adherence.